You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@commons.apache.org by ki...@apache.org on 2021/11/06 03:29:39 UTC
[commons-imaging] branch master updated: [IMAGING-317] Fix NPE when
a PNG indexed image does not have a PLTE chunk
This is an automated email from the ASF dual-hosted git repository.
kinow pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-imaging.git
The following commit(s) were added to refs/heads/master by this push:
new 0865b15 [IMAGING-317] Fix NPE when a PNG indexed image does not have a PLTE chunk
0865b15 is described below
commit 0865b1571aac87f49e7f743eae00e32bc34b365f
Author: Bruno P. Kinoshita <ki...@apache.org>
AuthorDate: Sat Nov 6 16:22:55 2021 +1300
[IMAGING-317] Fix NPE when a PNG indexed image does not have a PLTE chunk
---
src/changes/changes.xml | 3 +++
.../commons/imaging/formats/png/ScanExpediter.java | 3 +++
.../apache/commons/imaging/formats/png/PngReadTest.java | 16 ++++++++++++++++
...testcase-minimized-ImagingPngFuzzer-6242400830357504 | Bin 0 -> 707 bytes
4 files changed, 22 insertions(+)
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 8eb8dd6..34f3291 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml
@@ -162,6 +162,9 @@ The <action> type attribute can be add,update,fix,remove.
<action issue="IMAGING-315" dev="kinow" type="update" due-to="Arturo Bernal">
Remove redundant variables
</action>
+ <action issue="IMAGING-317" dev="kinow" type="fix" due-to="OSS-Fuzz">
+ A PNG image using indexed color type but no PLTE chunks throws NPE.
+ </action>
</release>
<release version="1.0-alpha2" date="2020-08-01" description="Second 1.0 alpha release">
<action issue="IMAGING-258" dev="kinow" type="update" due-to="Gary Lucas">
diff --git a/src/main/java/org/apache/commons/imaging/formats/png/ScanExpediter.java b/src/main/java/org/apache/commons/imaging/formats/png/ScanExpediter.java
index 52752ca..b9e3a69 100644
--- a/src/main/java/org/apache/commons/imaging/formats/png/ScanExpediter.java
+++ b/src/main/java/org/apache/commons/imaging/formats/png/ScanExpediter.java
@@ -127,6 +127,9 @@ abstract class ScanExpediter {
case INDEXED_COLOR: {
// 1,2,4,8 Each pixel is a palette index;
// a PLTE chunk must appear.
+ if (pngChunkPLTE == null) {
+ throw new ImageReadException("A PLTE chunk is required for an indexed color type.");
+ }
final int index = bitParser.getSample(pixelIndexInScanline, 0);
int rgb = pngChunkPLTE.getRGB(index);
diff --git a/src/test/java/org/apache/commons/imaging/formats/png/PngReadTest.java b/src/test/java/org/apache/commons/imaging/formats/png/PngReadTest.java
index fa7f69f..646af64 100644
--- a/src/test/java/org/apache/commons/imaging/formats/png/PngReadTest.java
+++ b/src/test/java/org/apache/commons/imaging/formats/png/PngReadTest.java
@@ -94,4 +94,20 @@ public class PngReadTest extends PngBaseTest {
final PngImageParser parser = new PngImageParser();
assertThrows(ImageReadException.class, () -> parser.getBufferedImage(new ByteSourceFile(new File(file)), Collections.emptyMap()));
}
+
+ /**
+ * Test that a PNG image using indexed color type but no PLTE chunks
+ * does not throw a {@code NullPointerException}.
+ *
+ * <p>See Google OSS Fuzz issue 37607</p>
+ *
+ * @throws IOException if it fails to read the test image
+ */
+ @Test
+ public void testUncaughtExceptionOssFuzz37607() throws IOException {
+ final String input = "/images/png/IMAGING-317/clusterfuzz-testcase-minimized-ImagingPngFuzzer-6242400830357504";
+ final String file = PngReadTest.class.getResource(input).getFile();
+ final PngImageParser parser = new PngImageParser();
+ assertThrows(ImageReadException.class, () -> parser.getBufferedImage(new ByteSourceFile(new File(file)), Collections.emptyMap()));
+ }
}
diff --git a/src/test/resources/images/png/IMAGING-317/clusterfuzz-testcase-minimized-ImagingPngFuzzer-6242400830357504 b/src/test/resources/images/png/IMAGING-317/clusterfuzz-testcase-minimized-ImagingPngFuzzer-6242400830357504
new file mode 100644
index 0000000..3bb5eeb
Binary files /dev/null and b/src/test/resources/images/png/IMAGING-317/clusterfuzz-testcase-minimized-ImagingPngFuzzer-6242400830357504 differ